Ten Strategies of a World-Class Cybersecurity Operations Center
Covers ten key qualities of leading Cyber Security Operations Centers (CSOCs), ranging from their structure and organization, to processes that best enable smooth operations, to approaches that extract maximum value from key CSOC technology investments.
Publication date: 31 Dec 2014
ISBN-10: 0692243100
ISBN-13: 9780692243107
Paperback: 346 pages
Views: 8,453
Ten Strategies of a World-Class Cybersecurity Operations Center
Zimmerman wrote:Today's cybersecurity operations center (CSOC) should have everything it needs to mount a competent defense of the ever-changing information technology (IT) enterprise. This includes a vast array of sophisticated detection and prevention technologies, a virtual sea of cyber intelligence reporting, and access to a rapidly expanding workforce of talented IT professionals. Yet, most CSOCs continue to fall short in keeping the adversary—even the unsophisticated one—out of the enterprise.
The deck is clearly stacked against the defenders. While the adversary must discover only one way in, the defenders must defend all ways in, limit and assess damage, and find and remove adversary points of presence in enterprise systems. And cybersecurity experts increasingly recognize that sophisticated adversaries can and will establish lasting footholds in enterprise systems. If this situation were not bad enough, more often than not, we are our own worst enemy. Many CSOCs expend more energy battling politics and personnel issues than they do identifying and responding to cyber attacks. All too often, CSOCs are set up and operate with a focus on technology, without adequately addressing people and process issues. The main premise of this book is that a more balanced approach would be more effective.
This book describes the ten strategies of effective CSOCs—regardless of their size, offered capabilities, or type of constituency served.
About The Author(s)